Beware of Office 365 Phishing Attacks

No matter how hard your organization tries to protect employees and its customers, it is possible for determined individuals to find a way to bypass built-in security protections and steal your account credentials.

Here are two examples:

  • you will get an email with a notification that you have late tasks in the Planner
  • you will receive an email containing a link to a SharePoint document which is similar to standard SharePoint invitation

If you click on the link, a fake login page will appear.

What to do if your Office 365 account was hacked?

  • contact your IT support immediately
  • reset your password
  • remove mailbox delegates
  • disable mail forwarding rules
  • remove the global mail forwarding property
  • enable Multi-Factor authentication
  • set a complex password
  • enable mailbox auditing
  • deliver Audit Logs to the admin to review

Follow these steps to prevent phishing attacks

  1. Educate your colleagues about the dangers and the warning signs of phishing attacks.
  2. Do not click on a suspicious link from unknown email addresses/senders.
  3. Do not input your Office 365 account credentials into suspicious forms, or when a connection to a website is not secure.
  4. Always try to use two-factor authentication.
  5. Purchase and enable Advanced Threat Protection.

Use Advanced Threat Protection from the Security & Compliance Center

Advanced Threat Protection has a set of machine learning models with detection algorithms that can mitigate a very high percentage of phishing attacks. It is available in the Office 365 E5 plan, but you can also purchase it as an add-on to your existing Plans.